Android process death during Universal Login causes failed logins (app killed while user is in Auth0 browser)

[hamed17n]

Checklist

• The issue can be reproduced in the react-native-auth0 sample app (or N/A).
• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

When a user starts the Auth0 Universal Login flow on Android, the OS aggressively kills the app in the background while the user is in the Auth0 browser completing authentication. When the user finishes and returns to the app, the app has been fully restarted and the SDK has lost its state. the login cannot complete and the user is sent back to the login screen with no error. We are measuring approximately 1,000 failed logins per day from this scenario across various Android devices (Samsung, Nothing Phone, and others).

This has been acknowledged by the Auth0 Android SDK team on the native repo: #972. @pmathew92 confirmed the fix is being included in v4 of the Android SDK. Since react-native-auth0 currently bundles an older version of the native Android SDK, this fix is not yet available to React Native users.

Reproduction

1. Install the app on an Android device with aggressive battery optimization enabled (Samsung, Xiaomi, Huawei, or any device with "Don't keep activities" enabled in Developer Options as a reliable emulator equivalent).
2. Open the app and tap the login button to start the Auth0 Universal Login flow. The Auth0 browser (Chrome Custom Tab) opens.
3. Before completing the login, switch to another app or press the home button. This puts your app in the background.
4. The OS kills the app process in the background while the user is still in the browser.
5. Return to the browser and complete the login with valid credentials.
6. The browser attempts to deep-link back to the app via the redirect URI. The app restarts from a cold start.
7. Expected: The SDK recovers the OAuth callback and the user is logged in.
8. Actual: The SDK has no record of the in-flight auth attempt. The login silently fails and the user lands on the login screen again.

Easiest way to reproduce on emulator:

1. Enable "Don't keep activities" in Developer Options on the emulator.
2. Start the login flow.
3. As soon as the Auth0 browser opens, press the home button.
4. The app is immediately killed (due to the developer option).
5. Complete the login in the browser — the app relaunches but the login does not complete.

Additional context

No response

react-native-auth0 version

5.4.1

React Native version

0.81.5

Expo version

No response

Platform

Android

Platform version(s)

16

[arund-zp]

Having the same issue. Is downgrade an option?

[subhankarmaiti]

Similar to #1541, and will be picked up in the upcoming release when we have the fix in GA in auth0.android.

[arund-zp]

@subhankarmaiti Is there any workaround I can do to login for the time being?

[subhankarmaiti]

Hi @arund-zp we have no workaround as of now, already discussed this internally and working on the best possible solution. for now closing this issue and lets continue the discussion on #1541